I have a Java client trying to access a server with a self-signed certificate. When I try to Post to the server, I get the following error: unable to find valid certification path to requested target Having done some research on the issue, I then did the following. Saved my servers domain name as a root.cer f…
Tag: ssl
Why does SSL handshake give ‘Could not generate DH keypair’ exception?
When I make an SSL connection with some IRC servers (but not others – presumably due to the server’s preferred encryption method) I get the following exception: Final cause: An example of a server that demonstrates this problem is aperture.esper.net:6697 (this is an IRC server). An example of a se…
Trust Store vs Key Store – creating with keytool
I understand that the keystore would usually hold private/public keys and the trust store only public keys (and represents the list of trusted parties you intend to communicate with). Well, that’s my first assumption, so if that’s not correct, I probably haven’t started very well… I wa…
how to accept self-signed certificates for JNDI/LDAP connections?
I need to connect to an LDAP directory over SSL. In non-production environments, we use self-signed certificates which, of course, fails to validate with: I am aware of how to use a custom trust manager for SSL-enabled connections, but don’t know how to use one in connection with the JNDI API where I do…
How to extract CN from X509Certificate in Java?
I am using a SslServerSocket and client certificates and want to extract the CN from the SubjectDN from the client’s X509Certificate. At the moment I call cert.getSubjectX500Principal().getName() but this of course gives me the total formatted DN of the client. For some reason I am just interested in th…
How to ignore SSL certificate errors in Apache HttpClient 4.0
How do I bypass invalid SSL certificate errors with Apache HttpClient 4.0? Answer You need to create a SSLContext with your own TrustManager and create HTTPS scheme using this context. Here is the code,
Import PEM into Java Key Store
I am trying to connect to an SSL server which requires me to authenticate myself. In order to use SSL over Apache MINA I need a suitable JKS file. However, I have only been given a .PEM file. How would I go about creating a JKS file from a PEM file? Answer First, convert your certificate in a DER format
How to import an existing X.509 certificate and private key in Java keystore to use in SSL?
I have this in an ActiveMQ config: I have a pair of X.509 cert and a key file. How do I import those two in order to use them in SSL and SSL+stomp connectors? All examples I could google always generate the key themselves, but I already have a key. I have tried but this only imports the certificate and